WHAT IS CLAIMED IS: 



1 1. A software tool for use in configuring firewalls, comprising: 

2 an interface which communicates with a database to obtain the 

3 identification of firewall devices associated with a network and generate a first 

4 display which lists said devices; and 

5 means responsive to the selection of one of the devices in said list to 

6 generate a second display which lists conduits within said device, wherein each 

7 conduit is identified by descriptive names stored in said database for local and 

8 external devices and/or networks that are logically connected by the conduit. 

1 2. The tool of claim 1, further including means responsive to the 

2 selection of one of the devices listed in said first display to generate a third display 

3 which lists internal networks owned by an entity associated with the selected 

4 device, and means to selectively open and close conduits respectively 

5 corresponding to said internal networks. 

1 3. The tool of claim 2 wherein said means to selectively open and 

2 close conduits comprises a graphical object adjacent each listing of an internal 

3 network that can be selected by a user to toggle between open and closed states for 

4 the listed network. 

1 4. The tool of claim 2 wherein said third display further includes 

2 means for adding a new conduit to one of the internal networks. 

1 5 . The tool of claim 4 wherein said means for adding a new conduit 

2 to one of the internal networks includes an identification of each protocol that can 

3 be associated with the new conduit, and graphical objects via which a user can 

4 select each of said protocols. 
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1 6. A method for configuring firewalls, comprising the following 

2 steps: 

3 communicating with a database to obtain the identification of firewall 

4 devices associated with a network; 

5 generating a first display which lists said devices; and 

6 detecting the selection of one of the devices in said list; and 

7 generating a second display which lists conduits within said device, 

8 wherein each conduit is identified by descriptive names stored in said database for 

9 local and external devices and/or networks that are logically connected by the 
10 conduit. 

1 7. The method of claim 6, further including the steps of generating a 

2 third display which lists internal networks owned by an entity associated with the 

3 selected device, in response to the selection of one of the devices listed in said first 

4 display, and which enables a user to selectively open and close conduits 

5 respectively corresponding to said internal networks. 

1 8. The method of claim 7 wherein said third display includes a 

2 graphical object adjacent each listing of an internal network that can be selected by 

3 a user to toggle between open and closed states for the listed network. 

1 9. The method of claim 7 wherein said third display further enables 

2 a user to add a new conduit to one of the internal networks. 

1 10. The method of claim 9 wherein said third display includes an 

2 identification of each protocol that can be associated with the new conduit, and 

3 graphical objects via which a user can select each of said protocols. 
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